Digital Archaeology

The Art And Science Of Digital Forensics

Digital Archaeology - Graves, Michael - ISBN: 9780321803900
Price: € 49,75 (subject to change)
Availability: Not yet published.
Binding: Book
Genre: Internet


The Definitive, Up-to-Date Guide to Digital Forensics


The rapid proliferation of cyber crime is increasing the demand for digital forensics experts in both law enforcement and the private sector. In Digital Archaeology, expert practitioner Michael Graves has written the most thorough, realistic, and up-to-date guide to the principles and techniques of modern digital forensics.


Graves begins by providing a solid understanding of the legal underpinnings of and critical laws affecting computer forensics, including key principles of evidence and case law. Next, he explains how to systematically and thoroughly investigate computer systems to unearth crimes or other misbehavior, and back it up with evidence that will stand up in court.


Drawing on the analogy of archaeological research, Graves explains each key tool and method investigators use to reliably uncover hidden information in digital systems. His detailed demonstrations often include the actual syntax of command-line utilities. Along the way, he presents exclusive coverage of facilities management, a full chapter on the crucial topic of first response to a digital crime scene, and up-to-the-minute coverage of investigating evidence in the cloud.


Graves concludes by presenting coverage of important professional and business issues associated with building a career in digital forensics, including current licensing and certification requirements.


Topics Covered Include

  • Acquiring and analyzing data in ways consistent with forensic procedure
  • Recovering and examining e-mail, Web, and networking activity
  • Investigating users’ behavior on mobile devices
  • Overcoming anti-forensics measures that seek to prevent data capture and analysis
  • Performing comprehensive electronic discovery in connection with lawsuits
  • Effectively managing cases and documenting the evidence you find
  • Planning and building your career in digital forensics


Digital Archaeology is a key resource for anyone preparing for a career as a professional investigator; for IT professionals who are sometimes called upon to assist in investigations; and for those seeking an explanation of the processes involved in preparing an effective defense, including how to avoid the legally indefensible destruction of digital evidence.


Title: Digital Archaeology
Author: Graves, Michael
Media type: Book
Language: English
Edition: 1
Number of pages: 608
Publisher: Pearson Education (us)
Place of publication: 01
NUR: Internet
Dimensions: 230 x 181 x 30
Weight: 938 gr
ISBN/ISBN13: 9780321803900
Internal number: 23602031

Biography (text)

Michael W. Graves has worked for more than fifteen years as a network specialist, security analyst, and forensic analyst. He worked as a contractor for the federal government on jobs involving digital investigations ranging from simple employee violations to potential national security threats, and participated in e-discovery for a major bank. Graves holds an M.S. in digital investigation from Champlain College, where he studied under pioneers Gary Kessler and Robert Simpson, among others. He also served several semesters as adjunct professor of computer science for the college.



"For those looking for an introductory text on the topic of digital forensics, Digital Archaeology: The Art and Science of Digital Forensics is an excellent read. Its comprehensive overview of the entire topic, combined with the author's excellent writing skills and experience, make the book a worthwhile reference."


-- Ben Rothke, CISSP – information security manager


Preface

About the Author

Chapter 1: The Anatomy of a Digital Investigation

  • A Basic Model for Investigators
  • Understanding the Scope of the Investigation
  • Identifying the Stakeholders
  • The Art of Documentation
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 2: Laws Affecting Forensic Investigations

  • Constitutional Implications of Forensic Investigation
  • The Right to Privacy
  • The Expert Witness
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 3: Search Warrants and Subpoenas

  • Distinguishing between Warrants and Subpoenas
  • What Is a Search and When Is It Legal?
  • Basic Elements of Obtaining a Warrant
  • The Plain View Doctrine
  • The Warrantless Search
  • Subpoenas
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 4: Legislated Privacy Concerns

  • General Privacy
  • Financial Legislation
  • Privacy in Health Care and Education
  • Privileged Information
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 5: The Admissibility of Evidence

  • What Makes Evidence Admissible?
  • Keeping Evidence Authentic
  • Defining the Scope of the Search
  • When the Constitution Doesn’t Apply
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 6: First Response and the Digital Investigator

  • Forensics and Computer Science
  • Controlling the Scene of the Crime
  • Handling Evidence
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 7: Data Acquisition

  • Order of Volatility
  • Memory and Running Processes
  • Acquiring Media
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 8: Finding Lost Files

  • File Recovery
  • The Deleted File
  • Data Carving
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 9: Document Analysis

  • File Identification
  • Understanding Metadata
  • Mining the Temporary Files
  • Identifying Alternate Hiding Places of Data
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 10: E-mail Forensics

  • E-mail Technology
  • Information Stores
  • The Anatomy of an E-mail
  • An Approach to E-mail Analysis
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 11: Web Forensics

  • Internet Addresses
  • Web Browsers
  • Web Servers
  • Proxy Servers
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 12: Searching the Network

  • An Eagle’s Eye View
  • Initial Response
  • Proactive Collection of Evidence
  • Post-Incident Collection of Evidence
  • Router and Switch Forensics
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 13: Excavating a Cloud

  • What Is Cloud Computing?
  • Shaping the Cloud
  • The Implications of Cloud Forensics
  • On Virtualization
  • Constitutional Issues
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 14: Mobile Device Forensics

  • Challenges of Mobile Device Forensics
  • How Cell Phones Work
  • Data Storage on Cell Phones
  • Acquisition and Storage
  • Legal Aspects of Mobile Device Forensics
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 15: Fighting Antiforensics

  • Artifact Destruction
  • Hiding Data on the System
  • Covert Data
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 16: Litigation and Electronic Discovery

  • What Is E-Discovery?
  • A Roadmap of E-Discovery
  • Conclusion
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 17: Case Management and Report Writing

  • Managing a Case
  • Writing Reports
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 18: Tools of the Digital Investigator

  • Software Tools
  • Working with “Court-Approved” Tools
  • Hardware Tools
  • Nontechnical Tools
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 19: Building a Forensic Workstation

  • What Is a Forensic Workstation?
  • Commercially Available Forensic Workstations
  • Building a Forensic Workstation From Scratch
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 20: Licensing and Certification

  • Digital Forensic Certification
  • Vendor-Neutral Certification Programs
  • Vendor-Specific Certification Programs
  • Digital Forensic Licensing Requirements
  • Chapter Review
  • Chapter Exercises
  • References

Chapter 21: The Business of Digital Forensics

  • Starting a New Forensics Organization
  • Maintaining the Organization
  • Generating Revenue
  • Organizational Certification
  • Chapter Review
  • Chapter Exercises
  • References

Appendix A: Chapter Review Answers

Appendix B: Sample Forms

Glossary

Index



This product is currently not in stock at any of our branches.